CLSA-2025-1742923385 ghostscript: Fix of CVE-2023-28879

CVE-2023-28879: Fix buffer overflow in base/sbcp.c by correctly handling write buffer for BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode functions...

CVE-2025-27834

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdffunc.c...

CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

CVE-2025-27830

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/writet1.c and psi/zfapi.c...

CVE-2025-27833

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdffmap.c...

CVE-2025-27832

An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Formatting PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by an oversized Type 4...

CVE-2025-27836

CVE-2025-27836 affects Ghostscript prior to 10.05.0, with a print buffer overflow in the BJ10V device (contrib/japanese/gdev10v.c). The issue is confirmed in multiple advisories, and a fix was deployed as part of ghostpdl-10.05.0. Connected documents indicate the vulnerability arises from imprope...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Page Description Language for Portable Document Format PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by a text buffer overflow due t...

CVE-2025-27831

An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doccommon.c...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.05.0, which is caused by a buffer overflow when converting glyphs to...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.05.0, which is caused by a buffer overflow due to long TTF fon...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Formatting Language PDL. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by a compression buffer overflow in the NPDL device...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by a buffer overflow during font serializatio...

CVE-2025-27834

CVE-2025-27834 affects Artifex Ghostscript prior to 10.05.0. The issue is a buffer overflow triggered by an oversized Type 4 function in a PDF, specifically in pdf/pdf_func.c. Connected sources corroborate the affected component and the root cause (buffer overflow when processing large Type 4 fun...

CVE-2025-27832

The CVE-2025-27832 issue affects Ghostscript prior to 10.05.0, specifically the NPDL device’s Compression buffer in contrib/japanese/gdevnpdl.c, which leads to a buffer/integer overflow. Public reports from multiple sources (e.g., ALAS/Amazon Linux advisories and Astra Linux bulletin) confirm the...

CVE-2025-27830

Ghostscript vulnerability CVE-2025-27830: a buffer overflow occurs when serializing DollarBlend in fonts, tracked to base/write_t1.c and psi/zfapi.c, in affected Ghostscript releases prior to 10.05.0. Exploitation could lead to denial of service and potentially arbitrary code execution if malform...

CVE-2025-27836

An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c...

CVE-2025-27833

CVE-2025-27833 affects Artifex Ghostscript prior to 10.05.0. A buffer overflow occurs when processing a long TTF font name in pdf/pdf_fmap.c. The CVSS metrics (LOCAL exploit, user interaction required, high impact on confidentiality, integrity, availability) are documented. Remediation is to upgr...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript versions prior to 10.05.0, which is caused by a print buffer overflow in...